Free Malware Removal Forum

Welcome to MalwareRemoval.com,What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

ok, so my pc starting having a few popups, so I ran a spybot and malware scan. I deleted what was detected, and a trash trojan kept popping up on my Avira antivirus: ( Virus or unwanted program 'TR/Trash.Gen [trojan]'detected in file 'C:\WINDOWS\system32\vojedayu.dll. )

I did another scan and thought it was gone because nothing showed up. I did a defragmentation of my system and a disk cleanup, and now my internet is acting weird.

I can't view most webpages that are normally fine, the system restore wont work, and other little problems.

Here is my Hijack this log. Thank You in advance for the help.

P.S. I usually visit Spywareinfoforum.com for problems but my internet wont let me view that page. So thank you for the help.

EDIT: It's been 1 day since I posted this and today another Trojan popped up on my Avira:( Virus or unwanted program 'TR/Spy.39424.61 [trojan]'detected in file 'C:\WINDOWS\system32\kosilalo.dll.)

It popped up twice and I denied it both times. Just thought this might be helpful to the person helping out. I don't know if that spy word in there means someone can see the info on my pc, so I've stopped logging into my bank aand other personal stuff. Thanks again in advance.

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our
Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.

As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

Now when I went to log in to my pc I was flodded with Avira notices to the point I couldnt do anything, so i had to delete those items from HJT in safe mode.

Then I went to regular mode and started the combofix scan and the alerts kept popping back up during the scan. But it was able to finish and give me the log, which I just posted back here in safe mode again.

Anything else I can be of help to just let me know. Thanks again.

EDIT: Also, I didn't see anything pop up at all about the recovery tool.

Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red). Also take note that remnants of the above program/s and any other P2P program found will be removed when cleaning.

While in add/remove programs also uninstall the following:-

LiveUpdate 2.6 (Symantec Corporation)Spybot - Search & Destroy 1.4

NOTE Spybot can be installed again once we are finished cleaning the computer, but will interfere with what we are doing in the meantime.

Are you able to run HJT in normal mode? If so, once the above is done post back with a HJT log done in normal mode. If you are unable too, that is fine for now.

Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.

Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".

When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

You should Download and Install the newest version of Adobe Reader for reading pdf files, due to the vulnerabilities in earlier versions.All versions numbered lower than 9.2 are vulnerable.

Go HERE and click on AdbeRdr920_en_US.exe to download the latest version of Adobe Acrobat Reader.

Save this file to your desktop and run it to install the latest version of Adobe Reader.

Update Java Runtime

You are using an old version of Java. Sun's Java is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version. For this reason, it's extremely important that you keep the program up to date, and also remove the older more vulnerable versions from your system. The most current version of Sun Java is: Java Runtime Environment Version 6 Update 18.

Double-click ATF-Cleaner.exe to run the program. Under Main choose: Select AllClick the Empty Selected button. (If you use FireFox or the Opera browser,To keep saved passwords, click No at the prompt.)Click Exit on the Main menu to close the program.

Those notifications are showing old infection hiding in your system restore and will be removed when we clean up as we will flush old restore points when removing Combofix. Just don’t do a System restore before we finish. So if you are not having any further problems, I would suggest you proceed as follows.

MBAM and ATF are great tools for you to keep and use on a regular basis.

You can remove System Look and the file it created.

Uninstall ComboFix:

Click on Start >> Run...

Now type in ComboFix /Uninstall into the and click OK.

Note the space between the X and the /Uninstall, it needs to be there.

The above procedure will implement some cleanup procedures as well as reset System Restore points

Let's clear out the programs we've been using to clean up your computer, they are not suitable for general malware removal and could cause damage if used inappropriately.

Double-click OTM.exe.

Click the CleanUp! button.

Select Yes when the "Begin cleanup Process?" prompt appears.

If you are prompted to Reboot during the cleanup, select Yes.

The tool will delete itself once it finishes, if not delete it by yourself.

Here are some free programs I recommend that could help you improve your computer's security.

Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system. If you do not update your anti virus software then it will not be able to catch any of the new variants that may come out.

Who is online

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.